PIX501, Client 3.X VPN Problem

Please help. I have used VPN wizard to configure PIX 501. When testing with 3.6 client I have no traffic between client and internal network. Looks like I have tunnel open and client have address assigned from the internal pool. Configuration and Debug output is listed below.

Re: PIX501, Client 3.X VPN Problem

Andrew,

Based upon the "Show crypto ipsec sa", looks like you are able to successfully make a IPSEC Connection from the VPN Client to the Pix 501 but not able to pass traffic.

If 68.72.174.119 was the Public IP Address of the client, I see Decrypts on the IPSEC SA and but Encrypts. This basically means, the Pix 501 is receiving traffic from the client but is not able to send it back for some reason.

1. After successfully connecting to the Pix501 with the VPN Client, What IP Address did you try to access.

Re: PIX501, Client 3.X VPN Problem

AJ, It looks as though your IKE Phase 1 (shared key exchange) is not completing. It is trying 9 times and fails. Your transform sets show ESP-DES-MD5. Are your clients doing this also? I think they may be trying to connect at 3DES instead or another Diffie-Hellman Group (1 or 5). This appears to be a simple mismatch of settings. Let me know via email if you wish.

Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
view more

We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...
view more